From: [email protected] [mailto:[email protected]] On Behalf Of mike smith Sent: Monday, 26 November 2012 5:27 PM To: ozDotNet Subject: Re: What type of Insurance covers using your own custom developer machine at work place?
On Mon, Nov 26, 2012 at 3:39 PM, Ken Schaefer <[email protected]<mailto:[email protected]>> wrote: What if it was just an opportunistic theft? Risk involved in trying to peddle the source to someone who a - could use it b - was unethical enough to. My point is that someone who opportunistically steals your computer (e.g. due a home robbery) is probably unlikely to come after you with a piece of 4x2 to get your encryption key. Whilst FDE would have its risks (e.g. you forget the key), it’s a relatively low cost way of mitigating a number of risks. Doesn't FDE typically have an 'enterprise' key as well as a user key? In the situation that Arjang describes, it seems a standalone implementation of PGP, TruCrypt or Bitlocker would suffice. Implementing the “enterprise” version would probably be overkill. A down side, as well, would be performance in doing encrypt/decrypt for every read/write to your disk. I think this is pretty minimal these days. Cheers Ken
